Amavisd missing spam headers

Filip Bartmann filbar at centrum.cz
Wed Nov 22 20:22:27 CET 2017


I use amavisd on on my CentOS 7 server, but I have problem with missing
spam headers in messages. Next is my config file. What I have wrong?
---------------------------------------------------------------------------------

@bypass_virus_checks_maps = (1);  # controls running of anti-virus code
@bypass_spam_checks_maps  = (1);  # controls running of anti-spam code
$bypass_decode_parts = 1;         # controls running of
decoders&dearchivers

$max_servers = 1;            # num of pre-forked children (2..30 is
common), -m $daemon_user  = 'amavis';    # (no default;  customary:
vscan or amavis), -u $daemon_group = 'amavis';    # (no default;
customary: vscan or amavis), -g

$mydomain = 'filbar.name';   # a convenient default for other settings

$MYHOME = '/var/spool/amavisd';   # a convenient default for other
settings, -H $TEMPBASE = "$MYHOME/tmp";   # working directory, needs to
exist, -T $ENV{TMPDIR} = $TEMPBASE;    # environment variable TMPDIR,
used by SA, etc. $QUARANTINEDIR = undef;      # -Q
# $quarantine_subdir_levels = 1;  # add level of subdirs to disperse
quarantine # $release_format = 'resend';     # 'attach', 'plain',
'resend' # $report_format  = 'arf';        # 'attach', 'plain',
'resend', 'arf'

# $daemon_chroot_dir = $MYHOME;   # chroot directory or undef, -R

$db_home   = "$MYHOME/db";        # dir for bdb nanny/cache/snmp
databases, -D # $helpers_home = "$MYHOME/var";  # working directory for
SpamAssassin, -S $lock_file = "/var/run/amavisd/amavisd.lock";  # -L
$pid_file  = "/var/run/amavisd/amavisd.pid";   # -P
#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually

$log_level = 0;              # verbosity 0..5, -d
$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$do_syslog = 1;              # log via syslogd (preferred)
$syslog_facility = 'mail';   # Syslog facility as a string
           # e.g.: mail, daemon, user, local0, ... local7

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and
nanny) # $enable_zmq = 1;           # enable use of ZeroMQ (SNMP and
nanny) $nanny_details_level = 2;    # nanny verbosity: 1: traditional,
2: detailed $enable_dkim_verification = 1;  # enable DKIM signatures
verification $enable_dkim_signing = 1;    # load DKIM signing code,
keys defined by dkim_key

@local_domains_maps = qw( . );

@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10
                  10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );

$unix_socketname = "/var/run/amavisd/amavisd.sock";  # amavisd-release
or amavis-milter # option(s) -p overrides $inet_socket_port and
$unix_socketname

$inet_socket_port = 10024;   # listen on this local TCP port(s)
# $inet_socket_port = [10024,10026];  # listen on multiple TCP ports

$policy_bank{'MYNETS'} = {   # mail originating from @mynetworks
  originating => 1,  # is true in MYNETS by default, but let's make it
explicit os_fingerprint_method => undef,  # don't query p0f for
internal clients };

# it is up to MTA to re-route mail from authenticated roaming users or
# from internal hosts to a dedicated TCP port (such as 10026) for
filtering $interface_policy{'10026'} = 'ORIGINATING';

$policy_bank{'ORIGINATING'} = {  # mail supposedly originating from our
users originating => 1,  # declare that mail was submitted by our smtp
client allow_disclaimers => 1,  # enables disclaimer insertion if
available # notify administrator of locally originating malware
  virus_admin_maps => ["virusalert\@$mydomain"],
  spam_admin_maps  => ["virusalert\@$mydomain"],
  warnbadhsender   => 1,
  # forward to a smtpd service providing DKIM signing service
  forward_method => 'smtp:[127.0.0.1]:10027',
  # force MTA conversion to 7-bit (e.g. before DKIM signing)
  smtpd_discard_ehlo_keywords => ['8BITMIME'],
  bypass_banned_checks_maps => [1],  # allow sending any file names and
types terminate_dsn_on_notify_success => 0,  # don't remove
NOTIFY=SUCCESS option };

$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with
$unix_socketname

# Use with amavis-release over a socket or with Petr Rehor's
amavis-milter.c # (with amavis-milter.c from this package or old
amavis.c client use 'AM.CL'): $policy_bank{'AM.PDP-SOCK'} = {
  protocol => 'AM.PDP',
  auth_required_release => 0,  # do not require secret_id for
amavisd-release };

$sa_tag_level_deflt  = -999;  # add spam info headers if at, or above
that level $sa_tag2_level_deflt = 8.0;  # add 'spam detected' headers
at that level $sa_kill_level_deflt = 9.31;  # triggers spam evasive
actions (e.g. blocks mail) $sa_dsn_cutoff_level = 10;   # spam level
beyond which a DSN is not sent $sa_crediblefrom_dsn_cutoff_level = 18;
# likewise, but for a likely valid From # $sa_quarantine_cutoff_level =
25; # spam level beyond which quarantine is off $penpals_bonus_score =
8;    # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on
hi spam $bounce_killer_score = 100;  # spam score points to add for
joe-jobbed bounces

$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail
is larger $sa_local_tests_only = 0;    # only tests which do not
require internet access?

$virus_admin               = undef;                    # notifications
recip.

$mailfrom_notify_admin     = undef;                    # notifications
sender $mailfrom_notify_recip     = undef;                    #
notifications sender $mailfrom_notify_spamadmin =
undef;                    # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender
if undef

@addr_extension_virus_maps      = ('virus');
@addr_extension_banned_maps     = ('banned');
@addr_extension_spam_maps       = ('spam');
@addr_extension_bad_header_maps = ('badh');
# $recipient_delimiter = '+';  # undef disables address extensions
altogether # when enabling addr extensions do also Postfix/main.cf:
recipient_delimiter=+

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
# $dspam = 'dspam';

$MAXLEVELS = 14;
$MAXFILES = 3000;
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not
enforced) $MAX_EXPANSION_QUOTA = 500*1024*1024;  # bytes  (default
undef, not enforced)

$sa_spam_subject_tag = '***Spam*** ';
$defang_virus  = 1;  # MIME-wrap passed infected mail
$defang_banned = 1;  # MIME-wrap passed mail containing banned name
# for defanging bad headers only turn on certain minor contents
categories: $defang_by_ccat{CC_BADH.",3"} = 1;  # NUL or CR character
in header $defang_by_ccat{CC_BADH.",5"} = 1;  # header line longer than
998 characters $defang_by_ccat{CC_BADH.",6"} = 1;  # header field
syntax error


# OTHER MORE COMMON SETTINGS (defaults may suffice):

# $myhostname = 'host.example.com';  # must be a fully-qualified domain
name!

#$notify_method  = 'smtp:[127.0.0.1]:10028';
#$forward_method = 'smtp:[127.0.0.1]:10028';  # set to undef with
milter!

$final_virus_destiny      = D_DISCARD;
$final_banned_destiny     = D_BOUNCE;
$final_spam_destiny       = D_DISCARD;  #!!!  D_DISCARD / D_REJECT
$final_bad_header_destiny = D_BOUNCE;
# $bad_header_quarantine_method = undef;

# $os_fingerprint_method = 'p0f:*:2345';  # to query p0f-analyzer.pl

## hierarchy by which a final setting is chosen:
##   policy bank (based on port or IP address) -> *_by_ccat
##   *_by_ccat (based on mail contents) -> *_maps
##   *_maps (based on recipient address) -> final configuration value


# SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for
all)

# $warnbadhsender,
# $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or
@warn*recip_maps) #
# @bypass_virus_checks_maps, @bypass_spam_checks_maps,
# @bypass_banned_checks_maps, @bypass_header_checks_maps,
#
# @virus_lovers_maps, @spam_lovers_maps,
# @banned_files_lovers_maps, @bad_header_lovers_maps,
#
# @blacklist_sender_maps, @score_sender_maps,
#
# $clean_quarantine_method, $virus_quarantine_to, $banned_quarantine_to,
# $bad_header_quarantine_to, $spam_quarantine_to,
#
# $defang_bad_header, $defang_undecipherable, $defang_spam
1;  # insure a defined return value


More information about the amavis-users mailing list